Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

JonZittrain (628028) writes "I'm curious whether there are good prospects for 'timecapsuleencryption,' one of several ways of storing information that renders it inaccessible to anyone until certain conditions — such as the passage of time — are met? Libraries and archives could offer such technology as part of accepting papers and manuscripts, especially in the wake of the 'Belfast Project' situation, where a library promised confidentiality for accounts of the Troubles in North Ireland, and then found itself amidst subpoenas from law enforcement looking to solve long-cold cases. But the principle could apply to any person or company thinking that there's a choice between leaving information exposed to leakage, or destroying it entirely. Some suggested solutions are very much out of the box."

Safety through obscurity: Encrypt the time capsule and put it in a virus. One that is targeted at, say, machines in Southern China running Windows XP. Do the same with the key. The viruses do absolutely nothing until the targeted time/date, after which their only function is to attempt to send the encrypted data and the key to the gatekeeper and the keymaster or whoever is supposed to get them. Meanwhile, two things you can bet on: 1. There will be a few machines still running XP in southern China 10 year

Perhaps a bit off-topic, but it seems to me there should be stronger differentiation between various DRM schemes (as you allude to, as streaming vs. not streaming). In the one model, I pay for a good (an album, let's say). In the Old World, I would have purchased a vinyl/tape/CD, which in principle could not be taken away from me (ignore wearing down records, laser rot, etc.). I, as do many, have a philosophical problem with certain DRM schemes applied to this problem -- I buy something which can later be t

So what do you do when technology and law provides such an attractive feast for "content 'owners'" that it becomes impossible to purchase anything outright, and everything you pay for comes in the Netflix model?

To answer the OP's question, there is a solution: TecSec*. It provides a crypto-wrapper of sorts that allows for external data (literally anything quantifiable; e.g., geolocation data, time data, etc.) to be used as a condition for decryption. The notable caveat here is that you need a trusted sour

It is certainly less conceptually doomed than DRM; but your standard tamper-resistant hardware is unlikely to cut it for this situation:

The fundamental issue arises if data retention is a serious concern: for common uses of tamper-resistant hardware, it isn't. It's just being used as an access token of some kind, so the actual secret is largely irrelevant, so long as the attacker doesn't get it. If it gets wiped, IT/customer service will just issue you another one.

What I would be very interested to see (as, to the best of my knowledge, it's never come to court) would be the legal response to some sort of tamper resistant module with a time based rule, rather than a key or password of some kind.

Even in jurisdictions where compelling key disclosure is unambiguously something the authorities can do, the assumption (reasonably enough) is that the goods are either crypto keys or actually-good passwords, and anyone who refuses to disclose is either hiding evidence or ha

Send it on an elliptical orbit around the sun. Depending how many years you want before the key is back in our neighborhood, you select the appropriate orbit. Hmm, perhaps SpaceX should look into it and start commercializing such a service;)

So who gets to keep the half that goes on the website? What's to stop them from getting subpoenaed, hacked, or otherwise compromised?

Nothing in principle. However, there are secret-sharing techniques that would make this more practical: it is possible to divide a secret into N parts; but construct the divided pieces such that anywhere from 1 to N of them are required to reconstruct the original secret.

This doesn't solve the problem in any fundamental way; but it does help. You can now control both the risk of the secret being permanently lost(increase the number of parties who have parts, possibly even providing a given part to more than one party) and control the risk of enough parties being compromised to reveal the secret(set the number of required parts equal to, or close to N, and distribute the parts among different jurisdictions, storage mechanisms, and so on).

No perfectly elegant solution; but at least you get to pick your poison.

This doesn't solve the problem in any fundamental way; but it does help.

Actually I don't think it is possible to solve it at a fundamental level. The laws of physics are invariant under time. In fact this symmetry is what gives us conservation of energy. What this means is that any physical system must work the same regardless of when it is operated. The result is that the only way to make such a temporal crypto algorithm would be to use a tamper-proof physical device which will measure the passage of time - you cannot develop a time lock algorithm which will only run when the

While it wouldn't be perfectly precise, you could perhaps enforce a requirement to perform calculations which will take a certain amount of time in order to derive a decryption key. Of course, you'd probably need to put just as much time into deriving the encryption key beforehand.

1. Apply a key derivation function (e.g. scrypt) to a random seed with an iteration count high enough to take at least 10 years.
2. Use the result as a key to encrypt your data.
3. Destroy the plaintext and the key (but keep the s

Worse, if you want to maintain any schedule, you must make sure that the maximum effort is being carried out the whole time.

Basically, a secret that needs 10 years of cracking, has the issue that you need to motivate somebody to invest the energy (real and figuratively) into decrypting it.

Now you've got the issue, if there is enough motivation, your key might be cracked faster (because the adversary decided to throw a billion bucks into the game, or the hardware got much better in an unplanned way), or it m

While its practicality leaves...much to be desired...(and the risk of a sophisticated adversary snagging the data during transmission thanks to imperfect optics or reflective dust or such would be a problem) the "use a reflective object X light years away as the other half of the most insufferably slow delay-line memory in human history" solution arguably gets the closest to being a fundamental solution.

As far as being a practical solution, it could hardly be worse; but it's basically the only game in to

As well as the vulnerabilities to early cracking you mention this approach is also very vulnerable to permanent loss. If someone does not want you to ever retrieve the data all they need to do if fire a high energy electron beam at the same target any time between you sending the signal and its return. Assuming the energy is high enough to minimize dispersion, and they fire enough electrons then you will never receive the signal and so never be able to retrieve the data.

Use an embedded computer, designed to self destruct if tampered with. When the clock runs down it uploads the secret code to the web site. You don't "have" the code, and any attempt to get it will "destroy evidence".

I was thinking about this task a few weeks ago from the point of view of a real-world application: you're travelling in a war zone and want to ensure that your files are safe *even from yourself, your friends, your employer, and everyone who cares about you*. Because if you're taken prisoner, they're not going to use a 30 million dollar supercomputing cluster to crack the encryption on your laptop; they're going to work you over with a pair of pliers, perhaps taking off a few body parts, until you tell them. And if you don't have the key, they'll just threaten harm to you to people you care about who do - assuming they can't outright capture said people as well. Nobody you now can be responsible for the key. The key has to be held by someone who by nature of their contract doesn't give a rat's arse about you and won't change their terms even to save your life.

But of course, what if they were compromised - legally (subpoena), or extrajudicially (someone with a pair of pliers)? So we get into the sitution where a server for a service that controls giving out of keys needs to be safe even from its owners. While terms for key storage involving personal judgement calls (such as "did the person contracting with us successfully make it out of the country and is no longer under coersion?") can't be automated, simple time locks can, so the issue simply comes down to, "Can you keep reliable running key storage system that can't be compromised even by physical access"? A potential solution to reliability (since any system tht locked will be immune to maintenance as well!) would be to store the every key on multiple running systems in different locations in hopes that at least one of them lives long enough to yield the key at the correct time. As for security, for example, even with full memory encryption, ram is vulnerable to cold boot attacks and the key to decrypting memory has to be stored somewhere, but one solution to that is storing critical portions of data only in CPU cache. But that's only one possible attack vector among many. At least you could respond to a subpoena, "Hey, maybe you have a way to get at this data, but I sure don't. If you'd like to fund a multi-million dollar research project on how to get ahold of it, I won't stand in your way, I'll be fully cooperative..." You could also make it harder by having a multi-part key, with each part held by different entities in different jurisdictions. Though that could increase reliability challenges.

In short, at the very least you can make it very, very difficult to get keys. Maybe you can't stop a secret NSA raid on all physical servers taking part the world over, but you could stop pretty much anything else.

You guys are thinking too much into this. Any third party you entrust your secret to (bank authorities, lawyers, software etc) is a potential point of breach.

Just keep your information in hard copy (papers, journals etc), put it in a box, lock it up and bury it. Entrust the secret and key to a son/daughter with strict instructions it is not to be opened until you pass away, with the warning that the secrets revealed may destroy the family.

The less people know about it, the more secure it is.

I'd rather trust family who have an interest in protecting your secrets rather than some stranger or worse, impersonal unthinking code. And having a living, thinking secret keeper who can respond to challenges and situations you may not even forsee is far more effective.

Of course, it's also true that the fewer people know about it, the more likely it will be permanently lost.

Granted, there is always a risk. But in a situation where you have a secret that cannot be released now but which you hope to release for posterity in the future, usually the potential damage caused by premature disclosure far outweighs any possible benefits. Take the example of the Boston papers; I'm sure the parties who contributed their knowledge of the IRA activities would rather their information be destroyed rather than be disclosed now exposing them to criminal liability.

You guys are thinking too much into this. Any third party you entrust your secret to (bank authorities, lawyers, software etc) is a potential point of breach.

Just keep your information in hard copy (papers, journals etc), put it in a box, lock it up and bury it. Entrust the secret and key to a son/daughter with strict instructions it is not to be opened until you pass away, with the warning that the secrets revealed may destroy the family.

The less people know about it, the more secure it is.

I'd rather trust family who have an interest in protecting your secrets rather than some stranger or worse, impersonal unthinking code. And having a living, thinking secret keeper who can respond to challenges and situations you may not even forsee is far more effective.

I'm going to do this, and all that will be in the capsule will be a note saying, "You have been pwned! Dad has trolled you one final time."

Launch the data into oputer space on a satellite, programmed to transmit the data after a set time period. For best results, send the machine on a massive period orbit to the outer solar system, or in a pinch, crash land it it on the Moon or Mars.

Governments will either have to give up, or else fund massive space project. Either way, we win.

Easier idea. Put the data in a tiny pressurized capsule and drop it deep in the ocean. After a set amount of time the capsule is designed to inflate an air bladder, rise to the surface and transmit via radio frequency.

There's no way to retrieve this ahead of time because:1. The ocean is vast and the capsule is tiny.2. The ocean is so deep that you would have to send a robotic submarine to find it and no one would know where to look. If you can lose a plane at the bottom of the ocean, you can lose a 1 foot capsule even more easily.

I think this post may be the best in the thread because it answers the question (time based, not coy power), it's somewhat practical unlike astronomical solutions, and recent events show it would be secure. If multiple motivated governments can't find an airliner, someone in a Snowden-like position could be reasonably confident that a small container dropped even just off the coast of California would remain there for quite a long time.

work with the environment, not against it. You would have a weight, tether and float, your electronics go in the float portion, a solid state unit that is robust and has a average density just a fraction less than water. The tether is designed to corrode and fail after a year, or you perhaps have an electro magnetic clamp, or explosives, or several mechanisms of cutting the tether. As long as your device is below 750M it is below regular submarine depth and well below fishing depth and generally quite hard to get until it comes up.

I wonder if a sensible method could be constructed using the properties of radioactive decay. The obvious one is to slip the key in with a nuke set to go off if tampered with, which would of course be safe after a few thousand years (give or take) but I dare say someone smarter than me can figure out a better way of doing it.

Nuclear weapons have a shelf period of about 20 years. After that, they need maintenance. Could be less, could be more, depends on the type.
More time that passes, less likely the detonation and more likely a malfunction.

The problem is that radiation might mess up whatever you're storing the key on, especially if you're talking about a15 year window. There are some difficulties with this approach on a long timescale (we don't make batteries that last 15 years, and it would be hard to extract energy from the environment).

Still, there are long term timers that could be made to work. You could literally do a Pitch Drop experiment and have the bottom plate be pressure sensitive and spring loaded (make sure you choose sprin

Most modern cryptography works because it's difficult to solve certain math problems, but the limits of "difficult" keep getting bigger. It should be possible to make a rough estimate of how much processing power will be available to break your encryption by what date, to the parties of interest. Make your keys that strong, and hope you're close.

To build off of the Belfast Project example from TFS, a 50-year timespan might be reasonable. What kind of decryption ability might we have in 50 years? I'm no expert in cryptography, but an elliptic curve algorithm with a fairly-strong key seems reasonable to me. Encrypt it, destroy the plaintext, and forget about it. Forty-five years from now, a government might have the ability to decrypt the material, but they'd have to care, first. It might take sixty years for a data-crunching powerhouse like Google to decrypt it, and perhaps in sixty-five years, they'll see fit to run a PR stunt by unlocking the time capsule.

There's a lot of guesswork and estimation involved, but such is the nature of all time capsules. You're assuming that the capsule will be intact and unlockable at a future time, which necessarily involves predicting future capabilities.

This will not work. "Available power" is not the same for different people. If you devise your key so that you will be able to break it in 20 years on a fast (projected) computer, a distributed project might be able to break it in 3 years. Remember that in 20 years, you want to be able to decode the data relatively easily, you can't assume that you will have 20,000 distributed nodes available.

If you want to protect against a government, assume they have a large number of powerful computers. If you want to protect against a large corporation, assume they have a small number of very powerful computers. If you want to protect against a local power, assume a small number of fairly weak computers. If you want to decode the data easily at a given time, consider how much power you will have available by then. Maybe your project is pressworthy enough to

Many of the advances in breaking encryption schemes come as people discover weaknesses that make the task easier, rather than a simple increase in computing power. These are impossible to predict and may make whatever system you use vulnerable.

In this case, the hidden crypto could simply be a one time pad that you store. One time pads are always secure as long as the source of random numbers you used was good. It might require a fair bit of storage, but archivists know a thing or two about long term shelf stable storage.

Added bonus: If you use the "sink it to the bottom of the ocean and recover it later" approach you will be guaranteed to have a cool and low radiation environment for the material. Hopefully it will be dry too, but that's

Flat file ascii and LTO tapes. I guarantee there will be LTO compatible tape drives for the next century, easily.

QIC tape format is 42 years old, ditto Ascii at 42 years old. It is highly unlikely ascii will be entirely disappeared in 8 years. Amazon and Google found several QIC tape readers for under $200. Tape is specifically invented and used for very long term storage. LTO tape readers will be around for a very very long time, for retention purposes. While not multi millennia solution, it's good for

The unavoidable weakness of which is pad recovery. As in, the adversary prevents you from destroying your pad and recovers it. Or, not you; someone else trusted with the pad (such as your corresponedent, who's languishing in a jail as an imposter receives your encrypted messages and decrypts them with the captured pad).

This is why self-destructs are so popular in "no-kidding" grade crypto gear, and why they often don't get an opportunity to work.

The problem is the attacker here is the people who write the laws. They are also the people who can protect themselves from prosecution and hide behind veils of secrecy if they do break their own laws. You can't trust the laws to protect you. That's why everybody is looking for technical solutions.

Lawyers violate client confidentiality every day. They can't be compelled to do so -- except by their larger clients. There has to be something in it for the attorney. I've seen ample numbers of confidential documents from an attorney soliciting business from me. I think that showing off and acting like an industry kingmaker is the predominant motive, but I don't get to see the horse-trading among legal professionals.

Except you can have said lawyer disbarred if you can prove they violated client confidence for unethical purposes. Contact your state bar association (for the US).

There's a simple solution everyone is ignoring. Hire lawyers in competing countries. For example. US, Switzerland, Russia and China. Split the key, send a piece to all four. Good luck getting the legal systems of all four locations to concur.

Yes, there are banks and lawyers that specialize in key or software escrow, btw. It's getting more po

Except you can have said lawyer disbarred if you can prove they violated client confidence for unethical purposes. Contact your state bar association (for the US).

There's a simple solution everyone is ignoring. Hire lawyers in competing countries. For example. US, Switzerland, Russia and China. Split the key, send a piece to all four. Good luck getting the legal systems of all four locations to concur.

It would be a full-time job disbarring every attorney who violated client confidentiality in my presence. Moreover, when I'm there, it's not my confidentiality they are violating.

Lawyers do what they do because they know they can get away with it.

I gather you haven't yet sampled the trustwothiness of lawyers in China and Russia.

Computers don't know what time it is. They'll accept what ever time is set.

The only way to have something encrypted for a period of time is to not publish the encryption key for that period of time.

The first two links in the summary are basically "make it easy enough to crack based on an assumption of the computational power available in the future"The 3rd is publishing a key on a network at a given time.

The only way to have something encrypted for a period of time is to not publish the encryption key for that period of time.

You can divide the secret key up into numerous pieces where M of N pieces need to be presented to reconstruct
the secret key.

Then make sure the actors are sworn to keep their key share vaulted in a safe place and neither release their share of the key NOR reveal/disclose that they have a share of the key, until the release date,
and M actors will not reside within the same legal j

OK, let's assume all the actors are peers and there is no central actor "in charge". That implies the actors are not unknown to each other. Otherwise, to whom do they swear - how do they know they are not swearing to the wolf[*]? The first problem you've got is that your entire organization of actors is exponentially exposed by the conspiracy's mutual knowledge of the identities of the others.

There is a social scheme to provide a level of relative security for an encrypted time capsule:

Choose n separate trusted individuals or organisations, ideally scattered around the world and unaware of who each other are

Gain promises from these entities that they will each send a block of data to the time capsule at a given time, and not before

Decide by policy how many of these entities (m) should be required to do their part, for the time capsule to be decrypted

For every combination of m entities, generate m strings, where the XOR of all these m strings arrives at the decryption key

For each of the n entities, issue the required number of strings (n-1)C(r-1) required to contribute to every combination of m entities of which this entity is a part

Each string is prefixed with a binary string of n bits, indicating by true/false values whether the string is part of a group of each of the n respective keepers

The whole set of strings given to each entity would be prefixed by a 'keeper number' and then encrypted

The time capsule curator destroys all record of who these trusted agents are, and relies on them to send their keys at the appointed time

Example - 10 keepers chosen, 4 in UK, 1 in Iceland, 2 in Australia, 1 in USA, 1 in Uruguay and 1 in Morocco. Policy chosen so that the cooperation of 7 is required to decrypt. Each keeper then is thus issued 84 strings. 1 agent dies, another agent gets busted, and a third agent becomes opposed to the decryption. This leaves 7 agents. They each send their key packages in to the time capsule curator, who decrypts each package, identifies which string within each package is need to form the key, XORs these strings, then arrives at a final decryption key.
Even if an intelligence organisation manages to extract keys from 6 of the agents, they won't be able to decrypt. If on the other hand, they kill up to 3 of the agents and stop them returning their keys, the decryption can still go ahead.
Ideally, you would want to set n and m according to perceived risk, plus the size of the data set. For example, 36 agents and 20 required would produce a key set which would fit into a cheap 8GB USB stick.

To break up the key, you could just use Reed Solomon error correction. N bits of key + M extra bits for error correction. Then you break it into numbered pieces. Any combination of pieces that provide N bits can be used for recovery. If you assemble more bits, you can even correct some amount of bit rot.

Who is the implied subject here? Who is the one who knows the identities of all these actors and knows ("believes" being more accurate strictly) that they can be trusted? The subject is the single point of failure in the sense that he has the knowledge to give up the entire conspiracy. Then the wolves in the various jurisdictions can start to make deals with each other until all the actors are in the hands of the

I started working on software to do this a few years back. I concluded that all the software is already written if you have a need and the problems are all regarding the way the user wants to protect the information, how much money they have to spend and how careful they are. In other words, it's a social/societal problem and you could setup a consulting service to help people do it, but software probably wouldn't be much benefit.

Here is an example:

First encrypt all the things. Then give the encrypted file to anyone since you're going to assume for the sake of this slashdot post that the crypto is unbreakable (if you're unwilling to accept this assumption then feel free to divide the data the same way the key is outlaid).

Next establish some trusts in your name and appoint a number of people as trust managers. This should probably be more than one trust and definitely more than one person. You may even need to obscure who creates the trust depending on what you're hiding and who might want to get it. Try to make some of the trust managers overseas might be good if you're worried about long term survivability of your data, since stability of a country might be in question in 100 years or so.

Now, cut your key into two halfs (or more), write out instructions that the managers are to meet at some location at a certain date. None of the managers should know any of the other managers. For survivability you might give a duplicate copy of parts of the key to multiple people so if one person doesn't show up there is still a chance to recover from it.

Ultimately nobody has knowledge of anything. On the date in question the responsible people show up only with the knowledge they are supposed to arrive with their bit of information. It could be that they don't arrive anywhere at all and their instructions are to publish the information. Without having context only the receiver would know what the completed key was for, and even they might have only been instructed to hold on to data for 100 years then accept the key when it arrives.

This scheme works best if there are multiple companies around the world formed with the purpose of doing this for people, or if it was a common service asked for at banks/law offices/etc. If the lawyer is holding on to only one key for 100 years they might become curious and try to figure out what it's for. If it's one key amongst thousands then it's nothing more than a tiny amount of data they're paid to deal with. They would also be less likely to publish the information out of turn because it could be they're storing it for something worth less than the amount they're paid to escrow it.

The NSA monitors all communications, they might (probably) figure out everyone you gave keys to. I doubt they care about nationality, they will just break into the offices (or infiltrate the office) and take the keys. The device the key is stored in probably won't last 100 years, it will need to be copied onto new media periodically. Ultimately you can't trust people to keep secrets.

But seriously, any truly secure system will have to take several things into account:

1. Any data transmitted in any way is vulnerable to interception.2. Systems can be hacked using security vulnerabilities you're not even aware of.3. Given enough time, all systems become circumventable with new technology.

So, so account for #1, you can't allow the data to be transmitted. So the data must be stored physically and

Why not just get a safety-deposit box and a lawyer. Pay the lawyer to open the box up and distribute the contents after x-number of years. If you are expecting to die before that date put a clause in your will to continue paying the lawyer's fees. Worried the lawyer will retire before then? Word the contract so that the lawyer has to transfer it to another lawyer who keeps getting paid by you.

"Promise me, Red. If you ever get out... find that spot. At the base of that wall, you'll find a rock that has no earthly business in a Maine hayfield. Piece of black, volcanic glass. There's something buried under it I want you to have."

Security by burying things under rocks seems as good a technique as any, in geological time.

Write it out on archival paper, put it in a sealed ceramic pot and bury it on the lee side of a travelling sand dune. - Ceramic so metal detectors won't find it.- how high up on the dune is determined by how fast the dune is travelling, and how long you want it to stay buried. - make the average density of the pot plus contents the same as the sand, so it neither sinks nor floats.

The only way I can see files being kept inaccessible without putting them in a long orbit is to use hardware that is too much of a pain to compromise, possibly with a deadman destruction system to make tampering very risky.If there's any form of encryption that has an existing key, all they need is the key. Of course, if they can't find it, it's no use for them, but it's pretty obvious that's not going to cut it since they are legally required to turn it over if given the proper paperwork. Going to jail for

""I'm curious whether there are good prospects for 'time capsule encryption,' one of several ways of storing information that renders it inaccessible to anyone until certain conditions â" such as the passage of time â" are met?"

The motivation for this question is vague. It could be that the OP has information about a criminal element that she wants released if she suffers an untimely death. It could be that the OP has solved the problem of nuclear fusion but is not ready to share it yet. The motiv

It's called "Northern Ireland". Submitter is presumably an American, has never been within 2000 miles of Ireland, and couldn't even point to it on a map. A map of the Western half of the British Isles.

Drop the goods into an ocean trench or any abyssal deep, with a timer that will inflate floatation devices and location beacon in x-number of decades. If the world cannot find an airliner, they are certainly not going to find a time capsule.

>especially in the wake of the 'Belfast Project' situation, where a library promised confidentiality for accounts of the Troubles in North Ireland, and then found itself amidst subpoenas from law enforcement looking to solve long-cold cases.

Are we supposed to feel sympathy when murdering scum finally face the justice they deserve?

No, you're supposed to recognize that if these subpoenas are upheld then no one can trust a library's promise of confidentiality in exchange for disclosure, meaning that this sort of information is more likely to be permanently lost in the future rather than placed into a sealed archive to be revealed at a later date.

The point isn't to shield wrongdoers, it's to ensure that history is preserved for future generations. If those involved can't trust that the information will remain sealed as agreed, then they

You are missing the point. Without a credible promise of confidentiality, they won't tell anyone. That means that they still won't be prosecuted. The criminals aren't the ones who need these agreements upheld; we are. Refusing the honor confidentiality agreements would just mean that the rest of us are left guessing about what actually happened, rather than (eventually) having access to first-hand accounts.

Overruling confidentiality for the sake of prosecution is a trick that works perhaps once or twice. Af

Distribute pieces of the key to a large number of anonymous individuals, such that thousands of pieces are needed for decryption. A popular Linux distro like Ubuntu could run necessary software by default and, in exchange, give users ability to use timed encryption for their own needs.

The difficult part is finding some place to put your device where it can transmit data that everyone can receive, but it can not be otherwise accessed. ("Recipe for unicorn soup: First, catch a unicorn...") However, there are some possibilities. On the Moon would be good for a decade or so. Even an ordinary orbit, with "destruct if anyone gets close" circuitry, would be a possibility.

Now, the easy part. Generate a bunch of ginormous public/private key pairs, one for each day of secrecy expiration you

This also. Crimes should be solved. Its not a fiasco. They gave written testimony to a third party that was not their lawyer, that is admissible in court.

However, I think the particulars of this situation are such ( the troubles were a terrible thing that I don't want to see reignited ), that I would not have advised the Brittish/Northern Ireland authorities to have pursued it. They're risking the peace that was very hard fought. The only innocent parties in the conflict were the innocent civilians that we

That doesn't have anything to do with my post. Of course crime and legality are merely human constructs by those in power for their own benefit. Over time, our laws have mostly evolved to those that also do good things like promoting the general peace. And in my humble opinion, thats what should be done in the interpretation of, and application of those laws today. Which is why, I would advise against prosecuting IRA members now that they've disarmed.

This isn't about solving crime. It's about protecting history and making sure the first hand accounts are properly recorded before the people with first hand knowledge pass away. So there are two options:

1. Find some technical/legal/whatever solution that allows the people to come forward and tell their story and have it recorded in the history books, but avoid prosecution.
2. Lose the history and still prosecute nobody because obviously they won't want to come forward if it just puts them right in ja

It might be seen as some abstract fiaso of ethics in the USA, but that shit happened to people for real. Boston College screwed up, for sure, with a rather naive and slightly patronising project, but the rest is the law at work, in a way that it should work; uncovering truth and exposing wrongdoers to prosecution.

People have a right against self-incrimination. At least they do in the U.S.. I've heard what passes for "Miranda Rights" in the U.K., and you are effectively forced to incriminate yourself to assert an affirmative defense later. Basically, you have to make a decision up front, often without legal counsel, in order to be able to rely on the information in court later, should you choose that method of defense later.

The real question is whether or not Boston University was (A) capable of offering such guar

"You do not have to say anything, but it may harm your defence if you do not mention when questioned something which you later rely on in court. Anything you do say may be given in evidence."

pros and cons to it really, the US version, anything you say will be used *against* you. Anything helpful to you can be discarded by the police. In the UK you can say stuff helpful to yourself and it is worth doing that if it is true because the police have to note it down and you can use it. In the UK if you make up a

I'm perfectly aware of this - "You do not have to say anything, but it may harm your defence if you do not mention when questioned something which you later rely on in court. Anything you do say may be given in evidence." - which is what you're probably referring to..

Yes. This is exactly what I'm referring to.

However if your finger isn't too tired and you read the full act [legislation.gov.uk] you'll see that it goes on to say "[the judge, jury etc] may draw such inferences from the failure as appear proper.

and then "Where the accused was at an authorised place of detention at the time of the failure, subsections (1) and (2) above do not apply if he had not been allowed an opportunity to consult a solicitor prior to being questioned, charged or informed as mentioned in subsection (1) above.]"

The problem occurs when you are question prior to being in an authorized place of detention, at which point you don't yet have the opportunity to consult your solicitor (and depending on the circumstances, I'd think you'd want a barrister, instead, except in countries like Canada, where all solicitors are barristers).

Basically they can question the shit out of you at the scene, and then they can do it more on the ride to the station, and they can do it more on thei

Buddy of mine worked against the apartheid government in South Africa. He was a priest, and saw it as a religious duty. Lost friends and loved ones, risked everything, etc.

He wanted to go before the TRC to get his story on the record. Off the record, certain folks let him know that he was free to testify to absolutely anything that the previous government did. If he testified against the ANC, CPSA/SACP and especially Umkhonto we Sizwe, he might end up with his head cut off or otherwise severely punished.

I think it would be deeply insightful if we aired all the dirty laundry of Hoover's FBI dragnet. A lot of it has already been brought to light when... huh... a leftist activist group burglarized a field office and released document to the media about COINTELPRO [wikipedia.org].

Now, what was exposed was the offical documented record of what happened. Imagine if the actual agents revealed what really went on. Why they did it. What the rational was. Who ordered what.

Doesn't really work. Even if you eg. find a quasar that sends out a very specific signal every 100 years, you need to record the noise in order to get the key, at that point your encryption system is vulnerable to replay attacks where someone simply replays the noise in order to unlock the secret.

One system that theoretically would work in such fashion (somewhat) would be to send off a probe with your key and a decryption algorithm into space near the speed of light (otherwise it could be taken over by a 'f